一、DER编码密钥对
先说下DER编码,是因为JCE本身是支持DER编码密钥对的解析的,可以参见PKCS8EncodedKeySpec和X509EncodedKeySpec.
DER编码是ASN.1编码规则中的一个子集,具体格式如何编排没有去了解,但最终呈现肯定的是一堆有规律的二进制组合而成。
PKCS#8定义了私钥信息语法和加密私钥语法,而X509定义证书规范,通常都会用DER和PEM进行编码存储,而在JAVA中则使用的
DER。
接下来看看如果通过DER编码的密钥对分别获取JAVA的公私钥对象。
1.下面一段是生成私钥对象的,传入参数是DER编码的私钥内容。
@Override public PrivateKey generatePrivateKey(byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException { KeySpec keySpec = new PKCS8EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePrivate(keySpec); }
2.下面是生成公钥对象的,传入参数是DER编码公钥内容,可以看到和生成私钥的部分非常相似。
public PublicKey geneneratePublicKey(byte[] key) throws InvalidKeySpecException, NoSuchAlgorithmException{ KeySpec keySpec = new X509EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePublic(keySpec); }
二、PEM编码
PEM编码也是密钥对较常用的编码方式,openssl则是以PEM编码为主,相对DER对人可读性更强,以BASE64编码呈现,外围包上类似-----BEGIN RSA PRIVATE KEY-----。
JCE没有对PEM直接支持的方式,但是可以通过第三方包例如bouncycastle解析,当然如果想要自己理解pem编码结构,也可以自己写代码解析。
这里介绍下如何使用bouncycastle进行解析。
FileInputStream fis = new FileInputStream("id_rsa"); byte[] key = PrivateKeyUtils.readStreamToBytes(fis); Security.addProvider(new BouncyCastleProvider()); ByteArrayInputStream bais = new ByteArrayInputStream(key); PEMReader reader = new PEMReader(new InputStreamReader(bais), new PasswordFinder() { @Override public char[] getPassword() { return "".toCharArray(); } }); KeyPair keyPair = (KeyPair) reader.readObject(); reader.close(); PublicKey pubk = keyPair.getPublic(); System.out.println(pubk); PrivateKey prik = keyPair.getPrivate(); System.out.println(prik); KeySpec keySpec = new X509EncodedKeySpec(pubk.getEncoded()); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); System.out.println(keyFactory.generatePublic(keySpec)); KeySpec keySpec2 = new PKCS8EncodedKeySpec(prik.getEncoded()); System.out.println(keyFactory.generatePrivate(keySpec2));
看下这个输出结果
RSA Public Key modulus: c8f3e2d2e7fffe049127a115cab648fa9f55a7712d40868dccbddef9ebf030480a31f060e6c1ace2c53660e467cd173870367223dccea00ef2bdf6795757eb34fe1e8cfb63a0d333eefc9739029512df68108dd4b8054a12bdb206abd2ee7a727faa79604680c1337473ecd3d9a1a10b6cbc3af7862a74619ea7fe3a5bb2b89dded41dc5e4e4d5fcad169b85a599487929de1788e1e9a8d4efae4fda811d1e4d975b50d0d61b5887402ca975ec5e1d3ff193522b84746fe35ab00d073fed466786d9303f19c642c02cb1ad3a1ec6f0b7234e492e79500ee0bb1c1f07c23ae70af9b75aa35a6c75573d302cbf8f034341932dc371689b9f952388328c5277c117 public exponent: 10001 RSA Private CRT Key modulus: c8f3e2d2e7fffe049127a115cab648fa9f55a7712d40868dccbddef9ebf030480a31f060e6c1ace2c53660e467cd173870367223dccea00ef2bdf6795757eb34fe1e8cfb63a0d333eefc9739029512df68108dd4b8054a12bdb206abd2ee7a727faa79604680c1337473ecd3d9a1a10b6cbc3af7862a74619ea7fe3a5bb2b89dded41dc5e4e4d5fcad169b85a599487929de1788e1e9a8d4efae4fda811d1e4d975b50d0d61b5887402ca975ec5e1d3ff193522b84746fe35ab00d073fed466786d9303f19c642c02cb1ad3a1ec6f0b7234e492e79500ee0bb1c1f07c23ae70af9b75aa35a6c75573d302cbf8f034341932dc371689b9f952388328c5277c117 public exponent: 10001 xxx Sun RSA public key, 2048 bits modulus: 25367925677263221630752072905429434117596189021449325931333193529363239091429133073657699480437320802724298965580526553453499379398405915207286949216370963889754756788008021698178495726807109888833039800230667805051637457878962812581009778614579379073430749907762728841603230968432191178635884450213875555645164935313884823663096624318071901833679005494934145072511042211644746801428698070096755012497436134537077746175344235590315572214836519284172251946833712681076781034466422251569387242330311670205489884189790153154281087401570994337126054046621401176808489895271448688335849540690562754961439975230588159770903 public exponent: 65537 Sun RSA private CRT key, 2048 bits modulus: 25367925677263221630752072905429434117596189021449325931333193529363239091429133073657699480437320802724298965580526553453499379398405915207286949216370963889754756788008021698178495726807109888833039800230667805051637457878962812581009778614579379073430749907762728841603230968432191178635884450213875555645164935313884823663096624318071901833679005494934145072511042211644746801428698070096755012497436134537077746175344235590315572214836519284172251946833712681076781034466422251569387242330311670205489884189790153154281087401570994337126054046621401176808489895271448688335849540690562754961439975230588159770903 public exponent: 65537 xxx中间内容太多,略去了一部分,看下重点的public exponent部分,发现不同,但其实是一个是10进制输出,一个是16进制输出,所以在这里提个醒,这里生成过程没有错的。
三、openssh公钥
很多SSH公钥习惯使用openssh格式的,下面介绍下openssh格式的公钥如何解析,目前好像是没有官方库或者第三方库提供支持的。
openssh公钥呈现形式如
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCW6qYq6m8gVOWLyTB1JGl1aLrJDOCIfErXWNUsNeUXg4UdAtSbkiA+Ta9Nx6oMR4w+OkPbxyivnzkZt1YpmDxrm1z99z81/VyVw+lue+3neRjTgfGMascG+46b7DpEKLXlfS2hwOA+4ooRIeR+LbQZVovy5SP6ZTngskiqcySYqQ== RSA-1024
以ssh-rsa打头,描述“RSA-1024”结尾的形式,中间是Base64编码。
这里过滤掉除了Base64外的其他部分,解码Base64得到公钥二进制内容。
这里二进制编码格式如下:
前11字节固定
0 0 0 7 's' 's' 'h' '-' ‘r' 's' 'a'
紧接着4个字节为一个int值,表示public exponent所占字节长度
可通过移位符及相加或者BigInteger方式实现转换。
public static int decodeUInt32(byte[] key, int start_index){ byte[] test = Arrays.copyOfRange(key, start_index, start_index + 4); return new BigInteger(test).intValue(); // int int_24 = (key[start_index++] << 24) & 0xff; // int int_16 = (key[start_index++] << 16) & 0xff; // int int_8 = (key[start_index++] << 8) & 0xff; // int int_0 = key[start_index++] & 0xff; // return int_24 + int_16 + int_8 + int_0; }
得到长度后,再从后一字节开始读取该长度字节作为public exponent的值,构造相应BigInteger。
再紧接着4个字节也是一个int值,表示modulus所占字节长度,同理转换得到长度。
再根据长度读取字节数组得到modulus值即可。
相应代码如下
public static RSAPublicKey decodePublicKey(byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException{ byte[] sshrsa = new byte[] { 0, 0, 0, 7, 's', 's', 'h', '-', 'r', 's', 'a' }; int start_index = sshrsa.length; /* Decode the public exponent */ int len = decodeUInt32(key, start_index); start_index += 4; byte[] pe_b = new byte[len]; for(int i= 0 ; i < len; i++){ pe_b[i] = key[start_index++]; } BigInteger pe = new BigInteger(pe_b); /* Decode the modulus */ len = decodeUInt32(key, start_index); start_index += 4; byte[] md_b = new byte[len]; for(int i = 0 ; i < len; i++){ md_b[i] = key[start_index++]; } BigInteger md = new BigInteger(md_b); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); KeySpec ks = new RSAPublicKeySpec(md, pe); return (RSAPublicKey) keyFactory.generatePublic(ks); }